
United States Patent and Trademark Office 




UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspio.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY POCKET NO. | CONFIRMATION NO. | 



09/930,351 



08/15/2001 



Ronald P. Doyle 



20792 7590 06/30/2005 

MYERS BIGEL SIBLEY & SAJOVEC 
PO BOX 37428 
RALEIGH, NC 27627 



5577-243 



3470 



EXAMINER 



POWERS, WILLIAM S 



ART UNIT 



PAPER NUMBER 



2134 

DATE MAILED: 06/30/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



! 

Office Action Summarv 


Application No. 

09/930,351 


Applicant(s) 
DOYLE ET AL. 


Examiner 

William S. Powers 


Art Unit 
2134 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 
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- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 
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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
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closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 
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4) S Claim(s) 1-46 is/are pending in the application. 
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5) Q Claim(s) is/are allowed. 

6) S Claim(s) 1-46 is/are rejected. 
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8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10) S The drawing(s) filed on 15 August 2001 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 

1. Claims 1-46 have been examined. 

Specification 

2. The disclosure is objected to because of the following informalities: 

a. The acronym DOS used throughout the application to mean denial 
of service, but it stands for Disk Operating System (Microsoft Computer 
Dictionary, 5 th Ed., page 173). The accepted acronym for denial of service 
is DoS with a lower case O (Microsoft Computer Dictionary, 5 th Ed., page 
173). 

b. The tense of the verb "forward" (page 22, line 14) is incorrect. 
Appropriate correction is required. 

Claim Objections 

3. Claims 20, 23, 24, 31, 34 and 37 are objected to because of the following 
informalities: 

a. As to claims 20, 23 and 24, the claim does not further limit claim 19, 
but it does further limit claim 18. Examiner assumes that claims 20, 23 and 
24 depend on claim 18 for the purpose of examination. 

b. As to claim 31 , "storage device" (page 30, line 24 and 27) are 
singular, while "storage devices" (page 30, line 26) is plural. 

c. As to claim 34, "address" (page 31, line 19) is not pluralized. 
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d. As to claim 37, "a" and "addresses" (page 31 , line 29) do not agree 
in number. 

Appropriate correction is required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and 
process of making and using it, in such full, clear, concise, and exact terms as to enable any 
person skilled in the art to which it pertains, or with which it is most nearly connected, to make 
and use the same and shall set forth the best mode contemplated by the inventor of carrying 
out his invention. 

4. Claim 26 is rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the enablement requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to enable one 
skilled in the art to which it pertains, or with which it is most nearly connected, to 
make and/or use the invention. 

As to claim 26, it is not clear from the claim language or the specification 
the criteria for a subnet match of the source IP address and the origin of the 
packet. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

5. Claims 32-34 and 37-39 are rejected under 35 U.S.C. 101 because the 
claimed invention is inoperative. 
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According to the specification, the source IP address is considered 
spoofed "if the source IP address of the packet is not bound to the Media Access 
Control (MAC) address at the source device of the packet" (page 9, lines 17-19). 
Therefore, it is not possible for a spoofed source IP address to be bound to the 
MAC address of the source devices. 

Claims 32-34 and 37-39 are also rejected under 35 U.S.C. 112, first 
paragraph. Specifically, since the claimed invention is inoperative for the reasons 
set forth above, one skilled in the art clearly would not know how to use the 
claimed invention. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 

Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the applicant for patent, or on an 
international application by another who has fulfilled the requirements of paragraphs (1), (2), 
and (4) of section 371 (c) of this title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors 
Protection Act of 1999 (AIPA) and the Intellectual Property and High Technology 
Technical Amendments Act of 2002 do not apply when the reference is a U.S. 
patent resulting directly or indirectly from an international application filed before 
November 29, 2000. Therefore, the prior art date of the reference is determined 
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under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AlPA 35 U.S.C. 
102(e)). 



6. Claims 1-12, 19, 26-28, 31, 33 and 40-46 are rejected under 35 

U.S.C. 102(e) as being anticipated by U.S. Patent No. 6,754,716 to Sharma et al 

(hereto referred to as Sharma). 

As to claim 1 , Sharma teaches the use of a list of authorized IP and MAC 
addresses that are linked together to thwart spoofing attempts if the addresses 
do not match up (column 2, lines 21-29 and column 5, lines 26-33). 

As to claim 2 and 41 , Sharma teaches that the MAC address is associated 
with a router (column 7, lines 20-23). 

As to claim 3 and 7-8, Sharma teaches the use an ARP for resolving 
addresses (column 5, lines 26-33). 

As to claim 4 and 9, Sharma teaches the steps of processing an ARP 
request (column 5, line 44-column 6, line 19). 

As to claim 5, claim 5 is essentially a combination of claims 1-4 and is 
rejected with the same references. 

As to claim 6, Sharma teaches MAC addresses are associated with 
routers (column 2, lines 21-29) and a list of IP and MAC address pairs that is 
used to authenticate network communications (column 4, lines 54-61). 

As to claim 10-12, Sharma teaches discarding packet if the source IP and 
source MAC addresses are not authorized and there is no response to an ARP 
request (column 5, line 44-column 6, line 19). 
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As to claim 19, 26-28, 33, 40 and 44-46, Sharma teaches discarding the 
packet if the source IP address cannot be resolved to the source MAC address at 
the source device (column 5, lines 20-33). 

As to claim 31, Sharma teaches networked computers with memory 
(column 4, lines 22-24) that discard packets that are not authorized (column 5, 
line 44-column 6, line 19). 

As to claim 42, Sharma teaches an Address Resolution Module to monitor 
packet traffic (column 4, lines 32-36). 

As to claim 43, Sharma teaches that the system comprises a router 
(column 2, lines 19-21). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 1 02 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

7. Claims 13-18 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent No. 6,754,716 to Sharma et al (hereto referred to as Sharma) in 
view of U.S. Patent No. 6,496,935 to Fink et al (hereto referred to as Fink). 

As to claim 13, Sharma teaches the use of an ARP request, through an 
Address Resolution Module (ARM), to resolve source IP and MAC addresses 
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(column 4, lines 54-56), but does not specifically disclose the forwarding of 
packets with unknown source IP addresses. 

Fink teaches the use of a pre-filtering module that forwards packets with 
unknown source IP addresses to the firewall for further processing (column 4, 
lines 27-35) to accelerate packet processing. 

Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to use the ARP request of Sharma with the pre-filtering 
module of Fink to accelerate packet processing. 

As to claims 14-16, Sharma teaches the use of the ARM to check if a 
packet's source IP address paired to the packet's source MAC address. If IP and 
MAC addresses match, the communication will continue. If the IP and MAC 
addresses do not match, the packet is discarded (column 6, line 66-column 7, 
line 4). 

As to claim 17, Sharma teaches that all network devices communicate 
only with routers (column 7, lines 20-23). 

As to claim 18, Sharma teaches forwarding packet if the MAC address has 
an IP address that corresponds to the source IP address (column 7, lines 10-19). 

8. Claims 20-23 and 35-37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 6,754,716 to Sharma et al (hereto referred to 
as Sharma) in view of U.S. Patent No. 5,884,024 to Lim et al (hereto referred to 
as Lim). 
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As to claims 20-22 and 35-36, Sharma teaches a list of authorized IP 
addresses for each network device, but does not specifically mention a 
predefined number of addresses (column 2, lines 43-48). 

Lim teaches a preset limit of IP addresses that is applied to all clients on 
the network (column 3, lines 49-51) or subnet, as each computer network is 
made of a series of client systems (column 4, lines 48-50) based on network 
performance (column 2, lines 28-34) and if the limit of IP addresses is exceeded 
execution of the packet is stopped (column 8, lines 56-65) to further discourage 
the illicit use of IP addresses. 

Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to use the list of authorized addresses of Sharma with 
the preset limit of IP addresses assignable to the subnets of Lim to further 
discourage the illicit use of IP addresses. 

As to claim 23 and 37, Sharma teaches discarding a packet if the source 
IP address of the packet is not bound to the source MAC address of the packet 
(column 5, line 44-column 6, line 19). 

9. Claims 24 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 6,754,716 to Sharma et al (hereto referred to 
as Sharma) in view of U.S. Patent No. 6,289,377 to Lalwaney et al (hereto 
referred to as Lalwaney). 

As to claims 24 and 25, Sharma teaches the forwarding of packets if the 
IP address is known (column 7, lines 10-19), but does not specifically mention 
the use of Dynamic Host Configuration Protocol (DHCP) request packets. 
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Lalwaney teaches the use of DHCP to manage IP and MAC addresses of 
a network device (column 3, line 30-32), the forwarding of a DHCP request if the 
source address is associated with the DHCP request (column 4, lines 38-44) and 
examines the contents of the DHCP message before forwarding (column 5, lines 
5-8) to allow a user quick and safe access to network devices. 

Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to use the forwarding of known source IP address 
packets of Sharma with the use of Dynamic Host Configuration Protocol of 
Lalwaney to allow a user quick and safe access to network devices. 
10. Claims 29-30 and 39 rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 6,754,716 to Sharma et al (hereto referred to 
as Sharma) in view of U.S. Patent No. 6,182,226 to Reid et al (hereto referred to 
as Reid). 

Sharma teaches discarding of the packets with spoofed IP addresses 
(column 5, lines 20-33), but does not specifically mention taking any other kind of 
remedial action. 

Reid teaches the collecting of attacker information (column 4, lines 35-43) 
and sending notification of an attack to administrators (column 4, lines 44-46) to 
add further protection to the network. 

Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to use the discarding of spoofed packets of Sharma with 
the collection of attacker information and notification of an administrator as 
disclosed by Reid to add further protection to the network. 
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11. Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sharma in view of Lim as applied to claim 20 above, and further in view of Reid. 

Sharma teaches a list of authorized IP addresses for each network device, 
but does not specifically mention a predefined number of addresses (column 2, 
lines 43-48). 

Lim teaches a preset limit of IP addresses that is applied to all clients on 
the network (column 3, lines 49-51), but does not specifically mention contacting 
the system administrator in the case where the limit is exceeded. 

Reid teaches sending notification to administrators of an attack (column 4, 
lines 44-46) to add further protection to the network. 

Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to use the authorized list of IP addresses of Sharma with 
the preset limit of Lim and the notification of the administrators in the event of an 
attack as disclosed by Reid to add further protection to the network. 

Conclusion 

12. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Patent No. 6,073,178 to Wong et al teaches DHCP request detected 
by source IP address. 

U.S. Patent No. 6,009,103 to Woundy teaches using DHCP to allocate IP 
addresses. 
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U.S. Patent No. 6,466,986 to Sawyer et al teaches IP and MAC addresses 
bound in ARP tables and anti-spoofing guidelines. 

U.S. Patent No. 5,935,245 to Sherer teaches verification of IP and MAC 
addresses to thwart spoofing. 

U.S. Patent No. 6,618,398 to Marchetti et al teaches IP and MAC 
addresses are resolved in ARP tables. 

U.S. Patent No. 5,757,924 to Friedman et al teaches IP and MAC 
addresses are resolved in ARP tables. 

U.S. Patent Application No. 2002/0013844 to Garrett et al teaches binding 
IP and MAC addresses in ARP tables. 

13. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to William S. Powers, whose telephone number 
is (571) 272-8573. The examiner can normally be reached Monday-Thursday 
from 8 AM - 4:30 PM Eastern Time. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Gregory Morse, can be reached at (571) 272-3838. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
PO Box 1450 

Alexandria, VA 22313-1450 
Or faxed to: 

(703) 872-9306 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 
(571)272-2100. 
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Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through Private 
PAIR only. For more information about the PAIR system, see http://pa in- 
direct, uspto.gov . Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at (886) 217-9197 (toll- 
free). 





David Y. Jung 
Primary Examiner 



June 22, 2005 




